Microsoft Office vulnerabilities mean no .doc is safe – CNET

Microsoft Office vulnerabilities mean no .doc is safe – CNET

It’s an unsafe Office environment.Two cybersecurity firms have uncovered vulnerabilities in Microsoft Office files that have allowed hackers to install malware through Word documents. The exploit — referred to as “zero day,” because it hasn’t yet been patched — works on all Microsoft Office versions, with attacks stretching back to late January, according to McAfee.The suite of programs, which incorporates Word, Excel and PowerPoint, is used by 1.2 billion people, according to Microsoft.Microsoft plans to issue an update Tuesday to address the vulnerability. Tuesday also is the day that the software giant launches its momentous Windows 10 Creators Update.”Meanwhile, we encourage customers to practice safe computing habits online,” a Microsoft spokesperson said in a statement, “including exercising caution before opening unknown files and not downloading content from untrusted sources to avoid this type of issue.”